Am I right in thinking that this is not a thing that can be done automatically with a system upgrade as yet? And does one nedd to restart any services once you've changed /etcc/fstab? 50k rocks by the way.

by the way, what is kernel exploit means ? what does it do actually ? is it the same like virus ?

Basically, if someone has an account on your box, they can use that to obtain root (system administrator) access. Anyone that has root access can do anything to the box, such as reformat it. This is not remotely exploitable--the cracker must be "local" on the system.

I updated the kernel. Actually I was using a version of 2.6.16 before this update because suspend to disk doesn't work right with 2.6.17 (that includes the new version). Does the exploit affect the earlier kernels also?

I believe this exploit targets all 2.6 kernels. If not, probably back to 2.6.8 or something.

Fedora legacy hasn't put out any new kernels yet, and I haven't seen any traffic about it on their list. If they make one for FC3, it'll automatically be in the blag repository. If they don't make one, I'll see what I can whip up after 50001 is done.

If they don't make one, I'll see what I can whip up after 50001 is done.

Don't go out of your way just for me. It's not a big deal. The only time I use suspend to disk is when I'm testing it to see if it works. And I assume it will be fixed eventually anyway, unless I'm the only one affected, which I doubt.

It appears that BLAG 30k & 50k are not vulnerable to the recent /proc hole since the exploit needs a.out support. Those kernels are not compiled with a.out.

Dave Jones wrote:

Additionally, this exploit only works with kernels compiled with support for a.out style executables, which Fedora isn't. I've got an update building for 2.6.17.6 anyway, just to stop the inevitable "why hasn't Fedora been patched" questions.

Who is online

Users browsing this forum: No registered users and 0 guests

You cannot post new topics in this forumYou cannot reply to topics in this forumYou cannot edit your posts in this forumYou cannot delete your posts in this forumYou cannot post attachments in this forum